09-05-2022, 08:58 PM
Hi, I’d like to know if I can crack multiple wpa2 hashes at the same time with a single command, like this:
The file after a conversion
So do I have to edit the hc22000 file to isolate the mac I’m trying to crack each time I use it ?
Would that be a good approach or it would take longer to recover the password? If it takes the same amount of time I could try to recover the password for the whole file, instead of just one single MAC address.
I would appreciate any input
Code:
hashcat -m 22000 hash.hc22000 -1 ?l?d?u? -a 3 ?1?1?1?1?1?1?1?1?1?1
The file after a conversion
Code:
version (pcapng).........................: 1.0
operating system.........................: Linux 5.16.0-kali7-amd64
application..............................: hcxdumptool 6.2.6
interface name...........................: wlan0
interface vendor.........................: 002129
openSSL version..........................: 1.1
weak candidate...........................: 12345678
MAC ACCESS POINT.........................: 00cb009b656b (incremented on every new client)
MAC CLIENT...............................: b025aa77f3d7
REPLAYCOUNT..............................: 63476
ANONCE...................................: 4586aa9d79a8853862430bd80f75c1f2487d22a00b90820e42645af48bf0bcd2
SNONCE...................................: f677282d6f75b9fd78fe0928ce87d18679f21b9b4990c96451ccbce9eacce305
timestamp minimum (GMT)..................: 07.08.2022 21:11:46
timestamp maximum (GMT)..................: 07.08.2022 22:16:34
used capture interfaces..................: 1
link layer header type...................: DLT_IEEE802_11_RADIO (127)
endianess (capture system)...............: little endian
packets inside...........................: 19233
ESSID (total unique).....................: 73
BEACON (total)...........................: 58
BEACON (detected on 2.4GHz channel)......: 1 2 3 4 5 6 7 8 9 10 11
BEACON (SSID unset)......................: 6
ACTION (total)...........................: 17
ACTION (containing ESSID)................: 1
PROBEREQUEST.............................: 41
PROBEREQUEST (directed)..................: 4
PROBERESPONSE (total)....................: 36
AUTHENTICATION (total)...................: 71
AUTHENTICATION (OPEN SYSTEM).............: 70
AUTHENTICATION (unknown).................: 1
ASSOCIATIONREQUEST (total)...............: 16
ASSOCIATIONREQUEST (PSK).................: 13
REASSOCIATIONREQUEST (total).............: 7
REASSOCIATIONREQUEST (PSK)...............: 7
EAPOL messages (total)...................: 18918
EAPOL RSN messages.......................: 18918
EAPOLTIME gap (measured maximum usec)....: 87925
EAPOL ANONCE error corrections (NC)......: working
REPLAYCOUNT gap (suggested NC)...........: 7
EAPOL M1 messages (total)................: 18673
EAPOL M2 messages (total)................: 172
EAPOL M3 messages (total)................: 60
EAPOL M4 messages (total)................: 13
EAPOL pairs (total)......................: 1038
EAPOL pairs (best).......................: 18
EAPOL ROGUE pairs........................: 15
EAPOL pairs written to combi hash file...: 18 (RC checked)
EAPOL M12E2 (challenge)..................: 15
EAPOL M32E2 (authorized).................: 3
PMKID (useless)..........................: 859
PMKID (total)............................: 2
PMKID (best).............................: 2
PMKID ROGUE..............................: 1
PMKID written to combi hash file.........: 2
malformed packets (total)................: 3
BEACON error (total malformed packets)...: 3
So do I have to edit the hc22000 file to isolate the mac I’m trying to crack each time I use it ?
Would that be a good approach or it would take longer to recover the password? If it takes the same amount of time I could try to recover the password for the whole file, instead of just one single MAC address.
I would appreciate any input